[squid-users] "NF getsockopt(SO_ORIGINAL_DST)" filling cache.log due to AWS ELB healthchecks

John Smith burnncrashnow at gmail.com
Thu Oct 29 00:06:18 UTC 2015

Hi Eliezer,

I've added a single line to my squid.conf:
http_port 3130

And I've modified my AWS ELB healthcheck to monitor port 3130 instead of
Now my instances are still in the ELB, and the proxy still works as
expected, AND the amount of garbage errors in the cache.log has been
significantly reduced.

Unfortunately I'm seeing a single a single line in cache.log every time I
hit the proxy on port 3128:
2015/10/28 23:53:32| IpIntercept.cc(137) NetfilterInterception:  NF
getsockopt(SO_ORIGINAL_DST) failed on FD 61: (92) Protocol not available

>From other posts, it appears this warning message related to NAT.  I'm not
doing NAT on the squid proxies, the load balancer takes care of that.

Any ideas how to remove the rest of the noise from my logs?

Thanks again for the help!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20151028/fba59878/attachment.html>

More information about the squid-users mailing list